In an attempt to find out how to switch the PSP's wireless chip into monitoring mode (aka promiscuous mode), I started to reverse the wlan modules.
As I am short on time, I am releasing my current work in the hope that someone will want to continue this project. I have only started to reverse wlan.prx so far.
Tools I used:
- Prxtools fixed by VF
- The Mars emulator to test the effects of instructions on the registers
- A NID table psp.xml built by Coldbird and VF
- Wlan.prx
So, here are the download links:
- Tools (prxtools, NID table...): http://www.mediafire.com/?acliwyedu5b5kan
- Current reverse work: http://www.mediafire.com/?uypgcs6l7gvc86a
- wlan.prx of the 6.60 firmware and wlanfirm of the PSP Go: http://www.mediafire.com/?57m73gojltbo8pk
Here is what the code currently looks like:


So, the reverse is not finished: I didn't find every structure, nor did I find the use of every field.
I hope someone will be interested. Once the reverse is done, we'll know how to put the wlan chip in monitoring mode, thus allowing us to easily port airodump-ng and aircrack-ng to the PSP.